🚨 Gmail ads aren’t just annoying - they may be illegal. 🚨

Google could pay €525M for breaking privacy laws.
👉 tuta.com/blog/gmail-ads-annoyi…

This is a BIG WIN for #privacy 🔒💥

What's your reason for having switched to Tuta?

in reply to Tuta

sry to say this tuta: but privacy in germany is a ticking time bomb. maybe for EU reasons it's still better than US but for sure not because german gov likes this / wants this or even remotely cares. if they can't pass Vorratsdatenspeicherung, they gonna abuse anything else to change this as quickly as possible. and who knows what they enforce upon you about long-term backups even years in future.
like most ISPs in DE log connections and not because they need to but because they want or got paid to do it.
if i can't trust this country how should i trust a company operating in it? also comparing yourself against the worst seems weird for me. why not compare against the privacy aware competitors?
EDIT: also there are serious efforts to undermine encryption in general.
EDIT2: sry that was maybe way too harsh and i'm happy alternatives are growing. it's the current political movement and the ongoing shift to the right that makes me really worried what would happen to companies if germany goes 1933 again
in reply to Tuta

hope it's okay to ask but the advertised E2E encryption who has/saves the keys? is it like US based common messenger (pretty sure it's clear which one i mean) that advertises E2E but the keys are stored on the same servers and backups as the comm? if i may quote your website "Tuta has zero access to your mailbox, only the sender and the recipient can read your emails." how by default? if it's not PGP and the users handle their keys themselves? login passwords and everything else that gets sent to the server is out of control of the user. and can be logged if politics goes full fascist mode, same goes for backups.. just asking out of curiosity?
Edit: if you use public/private key PGP like E2E but generate or even store the keys yourself. How can you possibly have "zero access" to a user's mailbox? maybe i'm dumb and just don't get how this should work?
Edit2: sry for being picky but if the server has the keys, it's the same as 2 TLS clients, encrypted yes but not E2E and not "zero access"
in reply to snornik

@snornik We explain all of this here: tuta.com/encryption The key is encrypted with your password so that only you have access. We use a quantum-safe hybrid encryption protocol that works similarly to PGP, but not with the same algorithms.

And no, it's not the same as TLS, it's end-to-end encryption with only sender & recipient having access.

in reply to Tuta

sry for the late reply. yeah that's exactly what i meant. if the keys and the passwords (hashed or not) are stored on the server, that's not E2E how i understand it. that's maybe a little bit better than whatsapp but definitely not E2E. if german gov (now or in the future) wants to get all your mails. they just need to man in the middle the password. which will be no problem at all. "end-to-end encryption with only sender & recipient having access" yes exactly that's why you should not have/store the keys in the beginning. passwords need to get transmitted. and it would be E2E only if you would have no access to the keys.

Edit: yeah i read this link tuta.com/encryption that was exactly why i wrote this because this is american style pseudo E2E promises.

And please: i would like this. but the keys need to stay on the client sides. that's the meaning of END2END.

Tuta

@canleaf And the courts have always stopped them here in Germany. tuta.com/blog/data-retention-g…

Data retention is a complex issue. While Germany has some laws on this, email is explicitly exempt due to its nature of offering private communication.

We're monitoring the development and keep fighting for your right to privacy!
